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CLAIMS 

What is claimed is: 

1 . A method for authenticating messages communicated between partners that belong to 
a plurality of partners, the method comprising the steps of: 

maintaining at a trusted intermediary a signature decryption key for each partner of 
said plurality of partners that is authorized to use said trusted intermediary to 
send messages; 

receiving at said trusted intermediary messages originated by partners of said plurality 

of partners that are intended for other partners of said plurality of partners; 
for each message thus received, the trusted intermediary performing the steps of 
using the signature decryption key associated with the partner that sent the 
message to determine whether the message was actually sent by that 
partner; and 

if the message was actually sent by that partner, then sending the message to 
the partner for which the message is intended along with a digital 
signature of said trusted intermediary to indicate that the trusted 
intermediary has verified that the message was actually sent by the 
partner that sent the message. 

2. The method of Claim 1 wherein the signature decryption key for each partner of said 
plurality of partners is a public signature decryption key associated with a private 
signature creation key. 
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The method of Claim 1 wherein the signature decryption key for each partner of said 
plurality of partner is used to decrypt a digital signature associated with a message 
that is sent along with the digital signature. 



1 4. The method of Claim 1 wherein the digital signature of the trusted intermediary is 

2 associated with a message that is sent along the digital signature of the trusted 

3 intermediary. 

1 5. The method of Claim 1 wherein the digital signature of the trusted intermediary is 

2 encrypted by a private signature creation key associated with a public signature 
rt 3 decryption key. 

Lfi 

Sr 1 6. A computer-readable medium storing computer code for causing a computer to 

2 perform a method for authenticating messages communicated between partners that 

3 belong to a plurality of partners, by the steps of: 

jj 4 maintaining at a trusted intermediary a signature decryption key for each 

M=' 5 partner of said plurality of partners; 

6 receiving at said trusted intermediary messages originated by partners of said 

7 plurality of partners that are intended for other partners of said 

8 plurality of partners; 

9 for each message thus received, the trusted intermediary performing the steps 
10 of 



-26- 



53964-016 



1 1 using the signature decryption key associated with the partner that sent 

1 2 the message to determine whether the message was actually 

1 3 sent by that partner; and 

1 4 if the message was actually sent by that partner, then sending the 

1 5 message to the partner for which the message is intended along 

16 with a digital signature of said trusted intermediary to indicate 

1 7 that the trusted intermediary has verified that the message was 

1 8 sent actually sent by the partner that sent the message. 



The computer-readable medium of Claim 6 wherein the signature decryption key for 
each partner is a public signature decryption key associated with a private signature 
creation key. 

The computer-readable medium of Claim 6 wherein the signature decryption key for 
each partner is used to decrypt a digital signature associated with a message is that 
sent along with the digital signature. 

The computer-readable medium of Claim 6 wherein the digital signature of the trusted 
intermediary is associated with a message that is sent along with the digital signature. 

The computer-readable medium of Claim 6 wherein the digital signature of the trusted 
intermediary is encrypted by a private signature creation key associated with a public 
signature decryption key. 
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1 11. A computer for use in communications between partners that belong to a plurality of 

2 partners, comprising: 

3 storage means configured to store a signature decryption key for each partner 

4 of said plurality of partners that is authorized to use said computer to 

5 send messages; 

6 receiving means configured to receive messages that are originated by 

7 partners of said plurality of partners and that are intended for other 

8 partners of said plurality of partners; 

9 signature decryption means; and 

1 0 sending means; wherein 

1 1 for each message thus received, 

12 said signature decryption means is configured to use the signature 

1 3 decryption key associated with the partner that sent the 

14 message to determine whether the message was actually sent 

15 by that partner; and 

16 if the message was actually sent by that partner, said sending means is 

17 configured to send the message along with a digital signature 

1 8 of said trusted intermediary to the partner for which the 

19 message is intended; wherein said digital signature of said 

20 trusted intermediary is used to indicate that said trusted 

2 1 intermediary has verified that the message was actually sent by 

22 the partner that sent the message. 
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1 12. The computer of claim 1 1 further comprising signature encryption means by which 

2 said digital signature of said trusted intermediary was created. 

1 13. A computer network for use in communications between partners that belong to a 

2 plurality of partners, comprising: 

3 a plurality of computers each of which is configured to store a respective 

4 signature creation key of a partner of said plurality of partners that is 

5 authorized to use a trusted intermediary computer to send messages; 

6 wherein said trusted intermediary computer is configured 

7 to store a plurality of signature decryption keys each of which 

8 corresponds to the respective signature creation key that is 

9 stored in each of said plurality of computers; 

10 wherein, upon receiving messages that are originated by partners of said 

1 1 plurality of partners and that are intended for other partners of said 

12 plurality of partners, said trusted intermediary computer, for each 

13 message thus received, is configured 

14 to use the signature decryption key associated with the partner 

1 5 that sent the message to determine whether the message 

1 6 was actually sent by that partner; and 

1 7 if the message was actually sent by that partner, then sending 

1 8 the message to the partner for which the message is 

1 9 intended along with a digital signature of said trusted 

20 intermediary to indicate that the trusted intermediary 
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has verified that the message was actually sent by that 
partner that sent the message. 





1 


14. 


A method for a trusted intermediary to manage keys used in communications between 




2 




partners that belong to a plurality of partners, the method comprising the steps of: 




3 




a trusted intermediary maintaining a message encryption key for each partner 




4 




of said plurality of partners that is authorized to use said trusted 




5 




intermediary to receive messages; wherein 




6 




upon receiving messages that are originated by partners of said plurality of 




7 




partners and that are intended for other partners of said plurality of 


•~ i'li 
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8 




partners, said trusted intermediary, for each message thus received, 


iti 


9 




performing the steps of 




10 




encrypting the message using the message encryption key 




11 




associated with the partner for which the message is 


A 


12 




intended; and 




13 




sending the encrypted message to the partner for which the 




14 




message is intended. 




1 


15. 


The method of Claim 14 wherein the message encryption key for each partner of said 




2 




plurality of partners is a public message encryption key associated with a private 




3 




message decryption key. 




1 


16. 


The method of Claim 14 wherein each of the messages that are originated by partners 



2 of said plurality of partners and that are intended for other partners of said plurality of 
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partners was encrypted using a message encryption key associated with the trusted 




4 


intermediary. 




1 17. 


The method of Claim 16 wherein said message encryption key associated with said 




2 


trusted intermediary is a public message encryption key that is associated with a 




3 


private message decryption key. 




1 18. 


A computer-readable medium storing computer code for causing a computer to 




2 


perform a method for a trusted intermediary to manage keys used in communications 




3 


between partners that belong to a plurality of partners, by the steps of: 




4 


said trusted intermediary maintaining a message encryption key for each 




5 


partner of said plurality of partners that is authorized to use said 


CI 


6 


trusted intermediary to receive messages; wherein 


\l 


7 


upon receiving messages originated by partners of said plurality of partners 




8 


that are intended for other partners of said plurality of partners, said 


4 


9 


trusted intermediary, for each message thus received, performing the 




10 


steps of 




11 


encrypting the message using the message encryption key 




12 


associated with the partner for which the message is 




13 


intended; and 




14 


sending the encrypted message to the partner for which the 




15 


message is intended. 
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1 1 9. The computer-readable medium of Claim 1 8 wherein the message encryption key for 

2 each partner of said plurality of partners is a public message encryption key 

3 associated with a private message decryption key. 

1 20. The computer-readable medium of Claim 1 8 wherein the computer further performs 

2 the step of: 

3 each partner of said plurality of partners that sends messages to said trusted 

4 intermediary maintains a message encryption key associated with a 

5 message decryption key of said trusted intermediary. 

1 21. The computer-readable medium of Claim 20 wherein said message encryption key 

2 associated with said message decryption key of said trusted intermediary is a public 

3 message encryption key and said message decryption key of said trusted intermediary 

4 is a private message decryption key. 

1 22. A computer for use in communications between partners that belong to a plurality of 

2 partners, comprising: 

3 storage means configured to store a message encryption key for each partner 

4 of said plurality of partners that is authorized to use said computer to 

5 receive messages; 

6 message encryption means; 

7 sending means; and 
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receiving means configured to receive messages that are originated by 

partners of said plurality of partners and that are intended for other 
partners of said plurality of partners; wherein 
for each message thus received, 

said message encryption means encrypts the message using the 

message encryption key associated with the partner for which 
the message is intended; and 
said sending means sends the encrypted message to the partner for 
which the message is intended. 

The computer system of claim 22 further comprising message decryption means that, 
for each message thus received, produces that message fi-om an encrypted message. 

A computer network for use in communications between partners that belong to a 
plurality of partners, comprising: 

a plurality of computers each of which is configured to store a respective 

message decryption key of a partner of said plurality of partners that is 
authorized to use a trusted intermediary computer to receive messages; 
wherein said trusted intermediary computer is configured 

to store a plurality of message encryption keys each of which 



corresponds to the respective message decryption key that is 



stored in each of said plurality of computers; 



wherein, upon receiving messages that are originated by partners of said 



plurality of partners and that are intended for others partners of said 
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12 plurality of partners, said trusted intermediary computer, for each 

1 3 message thus received, is configured 

14 to encrypt the message using the message encryption key 

1 5 associated with the partner for which the message is 

16 intended, and 

17 to send the encrypted message to the partner for which the 

1 8 message is intended. 
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